9 messages in ru.sysoev.nginxRe: avoiding disk cache on proxy ?
FromSent OnAttachments
Jonathan VanascoJan 15, 2007 1:31 pm 
Ezra ZygmuntowiczJan 15, 2007 6:43 pm 
Jonathan VanascoJan 15, 2007 11:38 pm 
Igor SysoevJan 16, 2007 12:09 pm 
Igor SysoevJan 16, 2007 12:11 pm 
Igor SysoevJan 16, 2007 12:17 pm 
Jonathan VanascoJan 16, 2007 12:44 pm 
Igor SysoevJan 16, 2007 12:58 pm 
Aleksandar LazicJan 16, 2007 1:41 pm 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:Re: avoiding disk cache on proxy ?Actions...
From:Igor Sysoev (is-G@public.gmane.org)
Date:Jan 16, 2007 12:58:00 pm
List:ru.sysoev.nginx

On Tue, 16 Jan 2007, Jonathan Vanasco wrote:

On Jan 16, 2007, at 3:17 PM, Igor Sysoev wrote:

Of course, a client "X-Forwarded-For" is not reliable, but you may log the header for some reason.

I usually pass a client address in "X-Real-IP" header and the "X-Forwarded-For" header is passed as is.

in the past, I've done this:

Proxy in: strip all x-* headers insert x-forwarded-for / x-real-ip info insert x-internal-passkey , which is just a simple string that is known only to proxy and backend apps. this gives a little more assurance to the backend app that the request came through the expected proxy server Proxy out: strip all x-* headers

would that be difficult to do in nginx ?

nginx does not allow wildcards in proxy_set_header and in proxy_hide_header, you may set only exact names: for perfomance reason it uses the hashes to look up header names. Thus you may only

in: proxy_set_header x-internal-passkey value;

out: proxy_hide_header x-internal-header;

Igor Sysoev http://sysoev.ru/en/